securityaffairs.com 4/26/2026, 5:21:18 PM

CrowdStrike fixes LogScale path traversal flaw CVE-2026-40050

CyberSIXT Evidence Panel
Primary source: crowdstrike.com
CISA KEV: not in KEV
Patch status: unknown

CrowdStrike has fixed CVE-2026-40050 in its LogScale self-hosted product, a critical unauthenticated path traversal flaw that could let a remote attacker read arbitrary files from the server filesystem. According to CrowdStrike's advisory, the vulnerability exists in a specific cluster API endpoint and, if that endpoint is exposed, would allow unauthenticated access to sensitive files.
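As an added illustration of the vulnerability class described above, the following Python contrasts the unsafe "join the user-supplied path onto a base directory" pattern with a hardened resolver, and runs a small detector over constructed access-log lines. This is not CrowdStrike's or LogScale's code and does not describe the actual mechanics of CVE-2026-40050, which the advisory summary does not detail; BASE_DIR, the endpoint path in the sample log, and the log line layout are assumptions made for the example.

```python
"""Path traversal: unsafe join vs. hardened resolver, plus log-side detection.
Added example; not CrowdStrike/LogScale code. All paths and log lines are
constructed assumptions."""
import re
from pathlib import Path, PurePosixPath
from typing import List, Optional
from urllib.parse import unquote

# Hypothetical directory the endpoint is meant to serve files from.
BASE_DIR = Path("/srv/app/public")


def unsafe_resolve(base: Path, user_path: str) -> Path:
    """'Before' pattern: string concatenation with no containment check.
    A value such as '../../../etc/passwd' escapes the base directory."""
    return Path(str(base) + "/" + user_path)


def safe_resolve(base: Path, user_path: str) -> Optional[Path]:
    """Hardened pattern: percent-decode twice (to defeat double encoding),
    reject NUL bytes and absolute paths, canonicalise, then require the
    result to remain inside the base directory. Returns None on rejection."""
    decoded = unquote(unquote(user_path))
    if "\x00" in decoded or PurePosixPath(decoded).is_absolute():
        return None
    root = base.resolve(strict=False)
    candidate = (base / decoded).resolve(strict=False)
    try:
        candidate.relative_to(root)   # raises ValueError if outside root
    except ValueError:
        return None
    return candidate


# Plain, single-encoded and double-encoded traversal sequences (case-insensitive).
TRAVERSAL_RE = re.compile(r"(\.\./|\.\.\\|%2e%2e(%2f|%5c|/)|%252e)", re.IGNORECASE)


def flag_traversal_requests(log_lines: List[str]) -> List[str]:
    """Return the access-log lines whose request URL contains a traversal
    sequence. Assumed line layout: '<client-ip> <method> <url> <status>'."""
    hits = []
    for line in log_lines:
        parts = line.split()
        url = parts[2] if len(parts) > 2 else line
        if TRAVERSAL_RE.search(url):
            hits.append(line)
    return hits


# Constructed sample traffic; the endpoint path is hypothetical.
SAMPLE_LOG = [
    "203.0.113.5 GET /api/example-endpoint/../../../etc/passwd 401",
    "203.0.113.5 GET /api/example-endpoint/%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd 401",
    "198.51.100.7 GET /api/example-endpoint/status 200",
]

if __name__ == "__main__":
    print("unsafe:", unsafe_resolve(BASE_DIR, "../../../etc/passwd"))
    print("safe  :", safe_resolve(BASE_DIR, "../../../etc/passwd"))
    print("safe  :", safe_resolve(BASE_DIR, "css/site.css"))
    for hit in flag_traversal_requests(SAMPLE_LOG):
        print("flagged:", hit)
```

The containment check relies on canonicalising before comparing; comparing raw string prefixes would still let `..` segments and encoded variants through, which is why the decode-then-resolve order matters.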

The company notes that Next-Gen SIEM customers are not affected, and LogScale SaaS users were protected on 7 April 2026 through network-layer mitigations across all clusters. Self-hosted LogScale customers are urged to upgrade to a patched version promptly, as the issue was discovered internally through continuous product testing.

The incident underscores how defensive software can become a high-value target, since compromising such tools could undermine visibility, disable alerts, or enable attackers to move laterally within networks. CrowdStrike emphasises timely patching and proactive vulnerability management for security infrastructure to prevent exploitation and preserve an organisation’s security posture.


Article by CyberSIXT
